diff options
Diffstat (limited to 'apps/plugins/mikmod/load_med.c')
-rw-r--r-- | apps/plugins/mikmod/load_med.c | 74 |
1 files changed, 57 insertions, 17 deletions
diff --git a/apps/plugins/mikmod/load_med.c b/apps/plugins/mikmod/load_med.c index aafb6602a6..a6af8c06cb 100644 --- a/apps/plugins/mikmod/load_med.c +++ b/apps/plugins/mikmod/load_med.c | |||
@@ -6,12 +6,12 @@ | |||
6 | it under the terms of the GNU Library General Public License as | 6 | it under the terms of the GNU Library General Public License as |
7 | published by the Free Software Foundation; either version 2 of | 7 | published by the Free Software Foundation; either version 2 of |
8 | the License, or (at your option) any later version. | 8 | the License, or (at your option) any later version. |
9 | 9 | ||
10 | This program is distributed in the hope that it will be useful, | 10 | This program is distributed in the hope that it will be useful, |
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 | GNU Library General Public License for more details. | 13 | GNU Library General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Library General Public | 15 | You should have received a copy of the GNU Library General Public |
16 | License along with this library; if not, write to the Free Software | 16 | License along with this library; if not, write to the Free Software |
17 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA | 17 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA |
@@ -20,7 +20,7 @@ | |||
20 | 20 | ||
21 | /*============================================================================== | 21 | /*============================================================================== |
22 | 22 | ||
23 | $Id: load_med.c,v 1.3 2005/04/07 19:57:38 realtech Exp $ | 23 | $Id$ |
24 | 24 | ||
25 | Amiga MED module loader | 25 | Amiga MED module loader |
26 | 26 | ||
@@ -189,6 +189,12 @@ static void MED_Cleanup(void) | |||
189 | MikMod_free(ba); | 189 | MikMod_free(ba); |
190 | MikMod_free(mmd0pat); | 190 | MikMod_free(mmd0pat); |
191 | MikMod_free(mmd1pat); | 191 | MikMod_free(mmd1pat); |
192 | me = NULL; | ||
193 | mh = NULL; | ||
194 | ms = NULL; | ||
195 | ba = NULL; | ||
196 | mmd0pat = NULL; | ||
197 | mmd1pat = NULL; | ||
192 | } | 198 | } |
193 | 199 | ||
194 | static void EffectCvt(UBYTE eff, UBYTE dat) | 200 | static void EffectCvt(UBYTE eff, UBYTE dat) |
@@ -338,7 +344,13 @@ static int LoadMEDPatterns(void) | |||
338 | of.numchn = numtracks; | 344 | of.numchn = numtracks; |
339 | if (numlines > maxlines) | 345 | if (numlines > maxlines) |
340 | maxlines = numlines; | 346 | maxlines = numlines; |
347 | /* sanity check */ | ||
348 | if (numtracks > 64) | ||
349 | return 0; | ||
341 | } | 350 | } |
351 | /* sanity check */ | ||
352 | if (! of.numchn) /* docs say 4, 8, 12 or 16 */ | ||
353 | return 0; | ||
342 | 354 | ||
343 | of.numtrk = of.numpat * of.numchn; | 355 | of.numtrk = of.numpat * of.numchn; |
344 | if (!AllocTracks()) | 356 | if (!AllocTracks()) |
@@ -346,10 +358,8 @@ static int LoadMEDPatterns(void) | |||
346 | if (!AllocPatterns()) | 358 | if (!AllocPatterns()) |
347 | return 0; | 359 | return 0; |
348 | 360 | ||
349 | if (! | 361 | if (!(mmd0pat = (MMD0NOTE *)MikMod_calloc(of.numchn * (maxlines + 1), sizeof(MMD0NOTE)))) |
350 | (mmd0pat = | 362 | return 0; |
351 | (MMD0NOTE *)MikMod_calloc(of.numchn * (maxlines + 1), | ||
352 | sizeof(MMD0NOTE)))) return 0; | ||
353 | 363 | ||
354 | /* second read: read and convert patterns */ | 364 | /* second read: read and convert patterns */ |
355 | for (t = 0; t < of.numpat; t++) { | 365 | for (t = 0; t < of.numpat; t++) { |
@@ -388,7 +398,15 @@ static int LoadMMD1Patterns(void) | |||
388 | of.numchn = numtracks; | 398 | of.numchn = numtracks; |
389 | if (numlines > maxlines) | 399 | if (numlines > maxlines) |
390 | maxlines = numlines; | 400 | maxlines = numlines; |
401 | /* sanity check */ | ||
402 | if (numtracks > 64) | ||
403 | return 0; | ||
404 | if (numlines >= 3200) /* per docs */ | ||
405 | return 0; | ||
391 | } | 406 | } |
407 | /* sanity check */ | ||
408 | if (! of.numchn) /* docs say 4, 8, 12 or 16 */ | ||
409 | return 0; | ||
392 | 410 | ||
393 | of.numtrk = of.numpat * of.numchn; | 411 | of.numtrk = of.numpat * of.numchn; |
394 | if (!AllocTracks()) | 412 | if (!AllocTracks()) |
@@ -396,10 +414,8 @@ static int LoadMMD1Patterns(void) | |||
396 | if (!AllocPatterns()) | 414 | if (!AllocPatterns()) |
397 | return 0; | 415 | return 0; |
398 | 416 | ||
399 | if (! | 417 | if (!(mmd1pat = (MMD1NOTE *)MikMod_calloc(of.numchn * (maxlines + 1), sizeof(MMD1NOTE)))) |
400 | (mmd1pat = | 418 | return 0; |
401 | (MMD1NOTE *)MikMod_calloc(of.numchn * (maxlines + 1), | ||
402 | sizeof(MMD1NOTE)))) return 0; | ||
403 | 419 | ||
404 | /* second read: really read and convert patterns */ | 420 | /* second read: really read and convert patterns */ |
405 | for (t = 0; t < of.numpat; t++) { | 421 | for (t = 0; t < of.numpat; t++) { |
@@ -471,6 +487,11 @@ static int MED_Load(int curious) | |||
471 | ms->numblocks = _mm_read_M_UWORD(modreader); | 487 | ms->numblocks = _mm_read_M_UWORD(modreader); |
472 | ms->songlen = _mm_read_M_UWORD(modreader); | 488 | ms->songlen = _mm_read_M_UWORD(modreader); |
473 | _mm_read_UBYTES(ms->playseq, 256, modreader); | 489 | _mm_read_UBYTES(ms->playseq, 256, modreader); |
490 | /* sanity check */ | ||
491 | if (ms->numblocks > 255 || ms->songlen > 256) { | ||
492 | _mm_errno = MMERR_NOT_A_MODULE; | ||
493 | return 0; | ||
494 | } | ||
474 | ms->deftempo = _mm_read_M_UWORD(modreader); | 495 | ms->deftempo = _mm_read_M_UWORD(modreader); |
475 | ms->playtransp = _mm_read_SBYTE(modreader); | 496 | ms->playtransp = _mm_read_SBYTE(modreader); |
476 | ms->flags = _mm_read_UBYTE(modreader); | 497 | ms->flags = _mm_read_UBYTE(modreader); |
@@ -479,6 +500,11 @@ static int MED_Load(int curious) | |||
479 | _mm_read_UBYTES(ms->trkvol, 16, modreader); | 500 | _mm_read_UBYTES(ms->trkvol, 16, modreader); |
480 | ms->mastervol = _mm_read_UBYTE(modreader); | 501 | ms->mastervol = _mm_read_UBYTE(modreader); |
481 | ms->numsamples = _mm_read_UBYTE(modreader); | 502 | ms->numsamples = _mm_read_UBYTE(modreader); |
503 | /* sanity check */ | ||
504 | if (ms->numsamples > 64) { | ||
505 | _mm_errno = MMERR_NOT_A_MODULE; | ||
506 | return 0; | ||
507 | } | ||
482 | 508 | ||
483 | /* check for a bad header */ | 509 | /* check for a bad header */ |
484 | if (_mm_eof(modreader)) { | 510 | if (_mm_eof(modreader)) { |
@@ -505,6 +531,14 @@ static int MED_Load(int curious) | |||
505 | me->songname = _mm_read_M_ULONG(modreader); | 531 | me->songname = _mm_read_M_ULONG(modreader); |
506 | me->songnamelen = _mm_read_M_ULONG(modreader); | 532 | me->songnamelen = _mm_read_M_ULONG(modreader); |
507 | me->dumps = _mm_read_M_ULONG(modreader); | 533 | me->dumps = _mm_read_M_ULONG(modreader); |
534 | /* sanity check */ | ||
535 | if (me->annolen > 0xffff) { | ||
536 | _mm_errno = MMERR_NOT_A_MODULE; | ||
537 | return 0; | ||
538 | } | ||
539 | /* truncate insane songnamelen (fail instead??) */ | ||
540 | if (me->songnamelen > 256) | ||
541 | me->songnamelen = 256; | ||
508 | } | 542 | } |
509 | 543 | ||
510 | /* seek to and read the samplepointer array */ | 544 | /* seek to and read the samplepointer array */ |
@@ -526,8 +560,14 @@ static int MED_Load(int curious) | |||
526 | /* copy song positions */ | 560 | /* copy song positions */ |
527 | if (!AllocPositions(ms->songlen)) | 561 | if (!AllocPositions(ms->songlen)) |
528 | return 0; | 562 | return 0; |
529 | for (t = 0; t < ms->songlen; t++) | 563 | for (t = 0; t < ms->songlen; t++) { |
530 | of.positions[t] = ms->playseq[t]; | 564 | of.positions[t] = ms->playseq[t]; |
565 | if (of.positions[t]>ms->numblocks) { /* SANITIY CHECK */ | ||
566 | /* fprintf(stderr,"positions[%d]=%d > numpat=%d\n",t,of.positions[t],ms->numblocks);*/ | ||
567 | _mm_errno = MMERR_LOADING_HEADER; | ||
568 | return 0; | ||
569 | } | ||
570 | } | ||
531 | 571 | ||
532 | decimalvolumes = (ms->flags & 0x10) ? 0 : 1; | 572 | decimalvolumes = (ms->flags & 0x10) ? 0 : 1; |
533 | bpmtempos = (ms->flags2 & 0x20) ? 1 : 0; | 573 | bpmtempos = (ms->flags2 & 0x20) ? 1 : 0; |
@@ -571,7 +611,7 @@ static int MED_Load(int curious) | |||
571 | of.flags |= UF_HIGHBPM; | 611 | of.flags |= UF_HIGHBPM; |
572 | } | 612 | } |
573 | MED_Version[12] = mh->id; | 613 | MED_Version[12] = mh->id; |
574 | of.modtype = StrDup(MED_Version); | 614 | of.modtype = MikMod_strdup(MED_Version); |
575 | of.numchn = 0; /* will be counted later */ | 615 | of.numchn = 0; /* will be counted later */ |
576 | of.numpat = ms->numblocks; | 616 | of.numpat = ms->numblocks; |
577 | of.numpos = ms->songlen; | 617 | of.numpos = ms->songlen; |
@@ -582,7 +622,7 @@ static int MED_Load(int curious) | |||
582 | char *name; | 622 | char *name; |
583 | 623 | ||
584 | _mm_fseek(modreader, me->songname, SEEK_SET); | 624 | _mm_fseek(modreader, me->songname, SEEK_SET); |
585 | name = MikMod_malloc(me->songnamelen); | 625 | name = (char *) MikMod_malloc(me->songnamelen); |
586 | _mm_read_UBYTES(name, me->songnamelen, modreader); | 626 | _mm_read_UBYTES(name, me->songnamelen, modreader); |
587 | of.songname = DupStr(name, me->songnamelen, 1); | 627 | of.songname = DupStr(name, me->songnamelen, 1); |
588 | MikMod_free(name); | 628 | MikMod_free(name); |
@@ -684,17 +724,17 @@ static CHAR *MED_LoadTitle(void) | |||
684 | { | 724 | { |
685 | ULONG posit, namelen; | 725 | ULONG posit, namelen; |
686 | CHAR *name, *retvalue = NULL; | 726 | CHAR *name, *retvalue = NULL; |
687 | 727 | ||
688 | _mm_fseek(modreader, 0x20, SEEK_SET); | 728 | _mm_fseek(modreader, 0x20, SEEK_SET); |
689 | posit = _mm_read_M_ULONG(modreader); | 729 | posit = _mm_read_M_ULONG(modreader); |
690 | 730 | ||
691 | if (posit) { | 731 | if (posit) { |
692 | _mm_fseek(modreader, posit + 0x2C, SEEK_SET); | 732 | _mm_fseek(modreader, posit + 0x2C, SEEK_SET); |
693 | posit = _mm_read_M_ULONG(modreader); | 733 | posit = _mm_read_M_ULONG(modreader); |
694 | namelen = _mm_read_M_ULONG(modreader); | 734 | namelen = _mm_read_M_ULONG(modreader); |
695 | 735 | ||
696 | _mm_fseek(modreader, posit, SEEK_SET); | 736 | _mm_fseek(modreader, posit, SEEK_SET); |
697 | name = MikMod_malloc(namelen); | 737 | name = (CHAR*) MikMod_malloc(namelen); |
698 | _mm_read_UBYTES(name, namelen, modreader); | 738 | _mm_read_UBYTES(name, namelen, modreader); |
699 | retvalue = DupStr(name, namelen, 1); | 739 | retvalue = DupStr(name, namelen, 1); |
700 | MikMod_free(name); | 740 | MikMod_free(name); |